<%@ page language="java" contentType="text/json; charset=UTF-8"
    pageEncoding="UTF-8"%>

<%@page trimDirectiveWhitespaces="true"%>    
<%@ page import="java.sql.ResultSet" %>
<%@ page import="java.sql.SQLException" %>
<%@ page import="java.sql.Statement" %>
<%@ page import="java.sql.Connection" %>
<%@ page import="java.sql.DriverManager" %>
<%@ page language="java" import="java.lang.*" %>
<%@ page import = "java.sql.SQLException" %>
<%@ page import = "com.seniorproject.aims.*" %>
<%@ page import = "java.util.List" %>
<%@ page import="java.util.ArrayList"%>
<%@ page import = "org.codehaus.jackson.JsonGenerationException" %>
<%@ page import = "org.codehaus.jackson.map.JsonMappingException" %>
<%@ page import = "org.codehaus.jackson.map.ObjectMapper" %>
<%@ page import = "java.io.IOException" %>
<%@ page import = "java.util.Properties" %>
<%@ page import = "java.io.InputStream" %>
<%@ page import = "java.util.Date" %>
<%@ page import = "java.text.SimpleDateFormat" %>

<%
		
									
		// get session
		String strUser = String.valueOf(session.getAttribute("sUser"));
		HttpSession htp_session = request.getSession();
		
		
		// check session
		if (htp_session == null || htp_session.getAttribute("sUser") == null) {
		    // Forward the control to login.jsp if authentication fails or session expires
		    request.getRequestDispatcher("/login.jsp").forward(request,
		        response);
		}
		
		if("admin".equals(htp_session.getAttribute("sUser"))){%>
		<script>alert("This user dont have PERMISSION to access this zone.");</script>
		<meta HTTP-EQUIV="Refresh" CONTENT="0; URL=admin_home.jsp"> 	
		<%}
		
		
		
		//////////get permission ///////////
		
		String name = String.valueOf(session.getAttribute("name"));
		String surname = String.valueOf(session.getAttribute("surname"));
		String role_name = String.valueOf(session.getAttribute("student_role"));
		
		String department_id = String.valueOf(session.getAttribute("department_id"));
		
		
		System.out.println("name : " + name);///////////////////////////////
		System.out.println("department_id : " + department_id);/////////////////////////
		System.out.println("Detect1");
		
		List<String> system_name = new ArrayList<String>();
		
		Permission permission = new Permission(strUser,name);
		permission.setDepartmentId(department_id);
		permission.setStudentCreate(Boolean.valueOf(String.valueOf(session.getAttribute("student_create"))));
		permission.setStudentDelete(Boolean.valueOf(String.valueOf(session.getAttribute("student_delete"))));
		permission.setStudentRead(Boolean.valueOf(String.valueOf(session.getAttribute("student_read"))));
		permission.setStudentUpdate(Boolean.valueOf(String.valueOf(session.getAttribute("student_update"))));
		
		String permiss = "";
		if(permission.getStudentCreate()) {
			permiss = permiss + "Add";
		}
		if(permission.getStudentUpdate()) {
			if("".equals(permiss)) {
				permiss = permiss + "Edit";
			} else {
				permiss = permiss + " Edit";
			}
		}
		if(permission.getStudentRead()) {
			if("".equals(permiss)) {
				permiss = permiss + "Read";
			} else {
				permiss = permiss + " Read";
			}
		}
		if(permission.getStudentDelete()) {
			if("".equals(permiss)) {
				permiss = permiss + "Delete";
			} else {
				permiss = permiss + " Delete";
			}
		}
		//check permission
		System.out.println("Detect2");
		if(!permission.getStudentRead()){%>
			<script>alert("This user dont have PERMISSION to access this zone.");</script>
			<meta HTTP-EQUIV="Refresh" CONTENT="0; URL=student_home.jsp"> 	
		<%}
		
		/*
		System.out.println("Reset message_path");
		session.setAttribute("message_path", "0");
		System.out.println("message_path:"+session.getAttribute("message_path"));
		*/
		
		//set Database Connection
		String hostProps = "";
		String usernameProps  = "";
		String passwordProps  = "";
		
		try {
			//get current path
			ServletContext servletContext = request.getSession().getServletContext();
			
			InputStream input = servletContext.getResourceAsStream("/properties/connectDB.properties");
			Properties props = new Properties();
			
			props.load(input);
		
			hostProps  = props.getProperty("host");
			usernameProps  = props.getProperty("username");
			passwordProps  = props.getProperty("password");
		} catch (Exception e) { 
			out.println(e);  
		}
		
		System.out.println("hostProperties : "+hostProps);////////////////try/////////////////
		System.out.println("usernameProperties : "+usernameProps);////////////////try/////////////////
		System.out.println("passwordProperties : "+passwordProps);////////////////try/////////////////
		
		// connect database
		Connection connect = null;		
		try {
			Class.forName("com.mysql.jdbc.Driver");
		
			connect =  DriverManager.getConnection("jdbc:mysql://" + hostProps  + "/AIMS" +
					"?user=" + usernameProps  + "&password=" + passwordProps );
		
			if(connect != null){
				System.out.println("Database Connect Sucesses.");
			} else {
				System.out.println("Database Connect Failed.");	
			}
		
		} catch (Exception e) {
			out.println(e.getMessage());
			e.printStackTrace();
		}
	

	System.out.println("@ student_import_file_all_background");		
	String student_id = request.getParameter("student_id");
	String file_path = request.getParameter("file_path");
	String file_name_old = request.getParameter("file_name_old");
	System.out.println("student_id:"+student_id);
	System.out.println("file_path:"+file_path);
	System.out.println("file_name_old:"+file_name_old);
	String index="";
	
	// Start Add to table
	
	
	try{
		
		// step 1: get index form student_id
		ResultSet rs = 
						connect.createStatement().executeQuery(" SELECT P.index "+
															   " FROM people P , student S " +
															   " WHERE P.index=S.index "+
															   " AND S.student_id='"+student_id+"'");
															   	
		while(rs.next())
		{
				index = rs.getString("index");
		}
		System.out.println("found index:"+index);
		
		// step 2: add to table
		String sql_statement = "INSERT INTO `file`(`index`, `name_old`, `file_path`)"+
				   " VALUES ('"+index+"','"+file_name_old+"','"+file_path+"')";
		
		System.out.println("SQL_STATEMENT:"+sql_statement);
		
		connect.createStatement().executeUpdate(sql_statement);
		
		/* Log file */
		String log = strUser+" "+name+" "+surname+" add file";
		Log.writeUserFile(log);
		Log.writeUserFile(sql_statement);
		
		out.print("success");
														
	}
	catch(Exception x){
		x.printStackTrace();
		out.print("fail");
	}
	
	connect.close();


%>